/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package telsoft.cms_admin.validation;

import java.io.IOException;
import java.util.ResourceBundle;
import java.util.Vector;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import telsoft.cms_admin.login.LoginBean;
import telsoft.cms_admin.login.RuleBean;

/**
 *
 * @author Administrator
 */
@ManagedBean
@SessionScoped
public class AuthenticatorFilter implements Filter{

    /**
     * Creates a new instance of AuthenticatorFilter
     */
    public AuthenticatorFilter() {
    }
    
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        String pageRequested = req.getRequestURI().toString();
        HttpSession session = req.getSession(false);
        Object vPermission_module = session == null ? null : session.getAttribute(LoginBean.VECTOR_PERMISSION_MODULE);
        String notPermissionURL = req.getContextPath() + "/tamnhat/home.xhtml";
        //truong hop co dang nhap va co vector quyen thi kiem tra quyen        
        if(vPermission_module != null && !checkPermissioModule(pageRequested, (Vector) vPermission_module)){    
            if ("partial/ajax".equals(req.getHeader("Faces-Request"))) {
                res.setContentType("text/xml");
                res.getWriter().append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>")
                        .printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>", notPermissionURL);
            } else {
                res.sendRedirect(notPermissionURL);
            }
        }
        //cac truong hop con lai cho qua het
        else{
            chain.doFilter(request, response);
        }
    }

    @Override
    public void destroy() {
        //
    }
    
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //
    }
    
    public static boolean checkPermissioModule(String pageReq,Vector vPermissionModule){  
        if(pageReq.endsWith("home.xhtml") || pageReq.endsWith("login.xhtml") || pageReq.endsWith("changePass.xhtml")) return true;
        ResourceBundle resource = ResourceBundle.getBundle("config");
        String prefix = resource.getString("realPathInRuleBean");
        for (int i = 0; i < vPermissionModule.size(); i++) {
            String path = vPermissionModule.elementAt(i).toString();        
            String realPath = prefix + path;
            if (realPath.equals(pageReq)) {
                return true;
            }
        }
        return false;
    }
}
